A group of researchers from North Carolina State University have managed to create a proof-of-concept rootkit for the Android OS that is able to hijack the clicks made by the phone owners and use them to launch malicious applications without the users being aware of it.

Led by Assistant Professor Xuxian Jiang, the group was initially concentrated of finding security weaknesses in various smartphone platforms, but proceeded to create the rootkit in order to discover how Android developers could defend users against this type of attack.

The rootkit in question targets the Android framework and not the OS' kernel, which makes it easier to develop, and can be easily bundled up with a legitimate application offered for download on any of the existing online Android marketplaces. Currently, it can be installed on all but the latest version of Android.

Once established on the device, it can do things like replace the smartphone’s browser with one that covertly steals all the confidential information the users enters in it, or hide or replace any of the other apps - all without restarting the phone or alerting its owner in any way.

In fact, the mechanism used for the attack has been dubbed "user interface readdresing" and requires no privilege escalation.

"The rootkit was not that difficult to develop, and no existing mobile security software is able to detect it," claims Jiang. "But there is good news. Now that we’ve identified the problem, we can begin working on ways to protect against attacks like these."

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.